Irish tram system website hacked; held for 1 BTC ransom

The official website of Luas, a tram and light rail system in Dublin, Ireland was hacked on Thursday, January 3rd after a hacker defaced its homepage and left a message demanding ransom payment of 1 Bitcoin (BTC).

In their deface message, an unknown hacker claimed that Luas was informed about “serious security holes” in their system which the company apparently ignored. Therefore now, Luas has to pay 1 Bitcoin in five days or personal data of over 3000 users will be exposed.

“You are hacked. Some time ago I wrote that you have serious security holes you didn’t reply the next time someone talks to you, press the reply button you must pay 1 bitcoin in 5 days otherwise I will publish all data and send emails to your users,” the message on Luas’s website stated.

HackRead was able to take a screenshot from the Google cache version of Luas’s website. Here is a full preview of the deface page.

Screenshot of the deface page

Luas, on the other hand, has acknowledged the hack and issued a statement on Twitter according to which “The Luas website was compromised this morning, and a malicious message was put on the home page. The website has been taken down by the IT company who manage it, and their technicians are working on it. Luas are informed this may take the day to resolve.”

In another statement, Luas revealed that 3,226 individuals who signed up to receive its newsletter may have had their data stolen due to the attack. However, the company maintains that financial data of users was not compromised.

Due to an ongoing issue, please do not click onto the Luas website. We currently have technicians working on the issue. We will be using this forum only for travel updates should the need arise. For any queries, please contact our customer care number on 1850 300 604.

— Luas (@Luas) January 3, 2019

This is not the first time when authorities responsible for railway system have been hit by a cyber attack. In 2016, San Francisco Railway’ Fare System suffered a sophisticated attack in which hackers demanded ransom payment of 100 Bitcoin. In Europe, Denmark’s largest train operator was hit by DDoS attack last year which eventually crippled its service.

At the time of publishing this article, the targeted website was down for maintenance and it is unclear whether the company is interested in paying ransom or not.

However, the cyber attack on Luas came just days after The Dark Overlord hacking group claimed to steal a trove of data from Hiscox Syndicates Ltd, a law firm responsible for handling insurance files related to 9/11 terrorist attacks. The group also demanded ransom in Bitcoin and threatened to leak crucial 9/11 insurance related files if their demand is not met.